CLAIMS 



We claim: 

1. A computer-implemented method for providing access to consumer 
information comprising: 

storing an information account in a central data repository that is accessible via a 
distributed network, the information account containing consumer information elements 
that can be accessed, retrieved and altered by tiie consumer; 

associating consumer authentication information with the information account 
such that access to the information account by the consumer is conditioned upon receipt 
and verification of the consumer authentication information; and 

further associating a temporary authorization with the information account, the 
temporary authorization having consumer-defined attributes that define access privileges 
that will be granted to a person who presents the temporary authorization along with a 
request for access to the information account 

2. A computer readable medium having stored thereon computer executable 
instructions for performing the method of claim 1 . 

3. The method of claim 1, wherein the consumer-defined attributes comprise 
at least one of the access privileges relating to: a number of times that the temporary 
authorization may be used to access the information account, a period of validity 
associated with the temporary authorization, a type of the consumer information elements 
that can be accessed, and a specification of read, write and/or modify privileges. 

4. The method of claim 1, wherein the consumer-defined attributes include a 
filter identifier that identifies a filter to be used to ensure that only authorized data is 
filtered for release to the party who presents the temporary authorization. 

5. The method of claim 1, further comprising the step of transmitting the 
temporary authorization to the consumer; and 
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wherein the consumer presents the temporary authorization to a third-party. 



6. The method of claim 1, further comprising the step of transmitting the 
temporary authorization to a designated third-party on behalf of the consumer. 

7. A computer readable medium having stored fliereon computer executable 
instructions for performing the method of claim 6. 

8. The method of claim 6, wherein transmitting the temporary authorization 
to the designated third-party comprises emailing the temporary authorization to an email 
account designated by the consumer. 

9. The method of claim 6, wherein transmitting the temporary authorization 
to the third-party comprises embedding the temporary authorization as a parameter in 
uniform resource locator and re-directing a browser operated by the consumer to a web 
page associated with the third-party using the uniform resource locator; and 

wherein a server hosting the web page is configured to extract the temporary 
authorization from the uniform resource locator and to transmit a request for access to the 
information account along with the temporary authorization on behalf of the third-party. 

10. The method of claim 6, wherein transmitting the temporary authorization 
to the third-party comprises storing the temporary authorization in a second information 
account stored in the central data repository and associated with the third-party. 

11. The method of claim 1, wherein the information account stores the 
consumer information elements as a tagged data structure. 
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12. A computer-implemented method for providing access to consumer 
information comprising: 

presenting to a host server via a distributed network a request for access by a 
consumer to an information account along with consumer authentication information, the 
information account being stored in a central data repository that is accessible by the host 
server via the distributed network, the information account containing consumer 
information elements that can be accessed, retrieved and altered by the consumer; 

receiving from the host server an acknowledgment that the consumer has been 
authenticated based on the consumer authentication information and thereby granted 
access to the information account; and 

in response to the acknowledgment, transmittmg to the host server a request by 
the consumer for generation of a temporary authorization having consumer-defined 
attributes that define access privileges that will be granted to a person who presents the 
temporary authorization along with a subsequent request for access to the mformation 
account. 

13. A computer readable medium having stored thereon computer executable 
instructions for performing the method of claim 12. 

14. The method of claim 12, wherein the consumer-defined attributes 
comprise at least one of the access privileges relating to: a number of times that the 
temporary autiiorization may be used to access the information account, a period of 
validity associated with the temporary authorization, a type of the consumer information 
elements that can be accessed, and a specification of read, write and/or modify privileges. 

15. The method of clarni 12, wherein the consumer-defined attributes include 
a filter identifier that identifies a filter to be used to ensure that only authorized data is 
filtered for release to the party who presents the temporary authorization. 

16. The method of claim 12, further comprising the steps of: 
receiving the temporary authorization firom the host server; and 



46 



presenting the temporary authorization to the consumer for delivery to a third- 
party. 

17. The method of claim 12, wherein the host server generates the temporary 
authorization and transmits the temporary authorization to a designated third-party on 
behalf of the consimier. 

18. A computer readable medium having stored thereon computer executable 
instructions for performing the method of claim 17. 

19. The method of claim 17, wherein transmitting the temporary authorization 
to the designated third-party comprises emailing the temporary authorization to an email 
account designated by the consumer. 

20. The method of claim 17, wherein transmitting the temporary authorization 
to the third-party comprises embedding the temporary authorization as a parameter in a 
uniform resource locator and re-directing a browser operated by the consumer to a web 
page associated with the third-party using the uniform resource locator; and 

wherein a server hosting the web page is configured to extract the temporary 
authorization from the uniform resource locator and to transmit a request for access to the 
information account along with the temporary authorization on behalf of the third-party. 

21. The method of claim 17, wherein transmitting the temporary authorization 
to the third-party comprises storing the temporary authorization in a second information 
account stored in the central data repository and associated with the third-party. 

22. The method of claim 12, wherein the information account stores the 
consumer information elements as a tagged data structure. 
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23. A method for providing access to consumer information via a distributed 
network comprising: 

receiving from a client device executing a browser a request for access to an 
information account and consumer authentication information, the information account 
being stored in a central data repository and containing consumer information elements 
that can be accessed, retrieved and altered by the consumer; 

in response to authenticating the consumer to access the information account 
based on the consumer authentication information, generating a temporary authorization 
having consumer-defined attributes that define access privileges that will be granted to an 
entity that presents the temporary authorization along with a further request for access to 
the information account; 

embedding the temporary authorization as a parameter in a uniform resource 
locator and redirecting the browser of the client device to a web page associated with a 
third-party using the uniform resource locator; 

subsequently receiving a communication from a server hosting the web page 
comprising the further request for access to the information account along with the 
temporary authorization; and 

in response to receiving the temporary authorization, authenticating the third-party 
to access the information account according to the access privileges associated with the 
temporary authorization. 

24. A computer readable medium having stored thereon computer executable 
instructions for performing the method of claim 23. 

25. The method of claim 23, wherein the consumer-defined attributes 
comprise at least one of the access privileges relating to: a number of times that the 
temporary authorization may be used to access the information account, a period of 
validity associated with the temporary authorization, a type of the consumer information 
elements that can be accessed, and a specification of read, write and/or modify privileges. 
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26. The method of claim 23, wherein the consumer-defined attributes include 
a filter identifier that identifies a filter to be used to ensure that only authorized data is 
filtered for release to the party who presents the temporary authorization. 

27. The method of claim 23, wherein the information account stores the 
consumer information elements as a tagged data structure. 

28. The method of claim 23, wherein the communication from the server is 
generated by a server-side application. 

29. The method of claim 28, wherein the communication conforms with 
Simple Object Access Protocol. 
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30. A system for providing access to consumer information comprising: 

a central data repository accessible via a distributed network for storing an 
information account containing consumer information elements that can be accessed, 
retrieved and altered by the consumer; 

a communication device for receiving from the consumer via the distributed 
network consumer authentication information, a request for a temporary authorization and 
consumer-defined attributes defining access privileges that will be granted to a person 
who presents the temporary authorization along with a request for further access to the 
information account; and 

a processor configured for executing computer-executable instructions for: 

in response to receiving the consumer authentication information, 
accessing an authentication table to determine whether the consumer 
authentication information is associated with the information account, such that 
the consumer may be provided with access to the information account, and 

in response to determining that the consimier authentication information is 
associated with the information account and in response to the request for the 
temporary authorization, generating the temporary authorization having tiie 
consumer-defined attributes. 

3 1 . The system of claim 30, wherein the consumer-defined attributes comprise 
at least one of the access privileges relating to: a number of times that the temporary 
authorization may be used to access the information account, a period of validity 
associated with the temporary authorization, a type of the consumer information elements 
that can be accessed, and a specification of read, write and/or modify privileges. 

32. The system of claim 30, wherein the consumer-defined attributes include a 
filter identifier that identifies a filter to be used to ensiure that only authorized data is 
filtered for release to the party who presents the temporary authorization. 
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33. The system of claim 30, wherein the processor is further configured for 
executing computer-executable instructions for transmitting the temporary authorization 
to the consumer for delivery to a tiiird-party. 

34. The system of claim 30 , wherein the processor is further configured for 
executing computer-executable instructions for transmitting the temporary authorization 
to a designated third-party on behalf of the consumer. 

35. The system of claim 34, wherein transmitting the temporary authorization 
to the designated third-party comprises emailing the temporary authorization to an email 
account designated by the consumer. 

36. The system of claim 34, wherein transmitting the temporary authorization 
to the third-party comprises embedding the temporary authorization as a parameter in a 
uniform resource locator and re-directing a browser operated by the consumer to a web 
page associated with the third-party using the uniform resource locator; and 

wherein a server hosting the web page is configured to extract the temporary 
authorization from the uniform resource locator and to transmit a request for access to the 
information account along with the temporary authorization on behalf of the third-party. 

37. The system of claim 34, wherein transmitting the temporary authorization 
to the third-party comprises storing the temporary authorization in a second information 
account stored in the central data repository and associated with the third-party. 

38. The system of claim 30, wherein the information account stores the 
consumer information elements as a tagged data structure. 
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39. A computer-implemented method for providing access to an information 
account, comprising the steps of: 

receiving, over a distributed network, requests from different network devices for 
access to the information account, each of said requests comprising an authorization 
identifier; 

in response to each of the requests, retrieving a set of authorization parameters 
associated with the authorization identifier, said authorization parameters being defined 
by the entity whose information is stored in the information account; and 

granting access to each of the network devices in accordance with the 
authorization parameters retrieved in response to the network device's request. 

40. The method of claim 39, wherein said authorization parameters specify a 
number of times the authorization identifier can be used to access the information 
account. 

41. The method of claim 39, wherein said authorization parameters specify a 
period of time over which the authorization identifier can be used to access the 
information account. 

42. The method of claim 39, wherein said authorization parameters specify 
what portion of the information account can be accessed. 

43. The method of claim 39, wherein said authorization parameters specify 
whether the requestor is authorized to write information to the information account and 
whether the requestor is authorized to modify existing information in the information 
account. 

44. The method of claim 39, further comprising the steps of: 

receiving, over the distributed network, a request to define access privileges to the 
information account for a specified network device; 

authenticating the request to define access privileges; 
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storing a set of authorization parameters specifying the access privileges for the 
specified network device; 

associating an authorization identifier with the stored set of authorization 
parameters; and 

transmitting the authorization identifier to the specified network device, said 
authorization identifier thereafter being useable to provide the specified network device 
with access to the information account according to the stored set of authorization 
parameters. 

45. The method of claim 44, wherein said step of transmitting the 
authorization identifier to the specified network device comprises the step of transmitting 
the authorization identifier to an account associated with the specified network device. 

46. The method of claim 44, wherein said step of transmitting the 
authorization identifier to the specified network device comprises the step of storing the 
authorization identifier in an electronic account associated witii the specified network 
device. 

47. The method of claim 44, wherein said step of transmitting the 
authorization identifier to the specified network device comprises the steps of embedding 
the authorization identifier in a network address tag, and transmitting the network address 
tag to a remote browser, such that the browser is redirected to the specified network 
device, thereby permitting the specified network device to extract the authorization 
identifier. 
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48. A system for providing access to an information account, comprising: 
a data repository storing an information account; 

a network interface for receiving, over a distributed network, requests from 
different network devices for access to the information account, each of said requests 
comprising an authorization identifier; and 

a processor, said processor configured to retrieve, in response to each of the 
requests, a set of authorization parameters associated with the authorization identifier, and 
to grant access to each of the network devices in accordance with the authorization 
parameters retrieved in response to the network device's request; 

wherein said authorization parameters are defined by the entity whose information 
is stored in the information account. 

49. The system of claim 48, wherein said authorization parameters specify a 
number of times the authorization identifier can be used to access the information 
account. 

50. The system of claim 48, wherein said authorization parameters specify a 
period of time over which the authorization identifier can be used to access the 
information account. 

51. The system of claim 48, wherein said authorization parameters specify 
what portion of the information account can be accessed. 

52. The system of claim 48, wherein said authorization parameters specify 
whether the requestor is authorized to write information to the information accoimt and 
whether the requestor is authorized to modify existing information in the information 
account. 

53. The system of claim 48, wherein said network interface is configured to 
receive, over the distributed network, a request to define access privileges to the 
information account for a specified network device, and wherein said processor is further 
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configured to store a set of authorization parameters specifying the access privileges for 
the specified network device, associate an authorization identifier with the stored set of 
authorization parameters, and provide the authorization identifier to the specified network 
device, said authorization identifier thereafter being useable to provide the specified 
network device with access to the information account according to the stored set of 
authorization parameters. 

54. The system of claim 53, wherein the authorization identifier is provided to 
the specified network device by transmitting the authorization identifier to an account 
associated with the specified network device. 

55. The system of claim 53, wherein the authorization identifier is provided to 
the specified network device by storing the authorization identifier in an electronic 
account associated with the specified network device. 

56. The system of claim 53, wherein the authorization identifier is provided to 
the specified network device by embedding the authorization identifier in a network 

address tag and transmitting the network address tag to a remote browser, such that the 
browser is redirected to the specified network device, thereby permitting the specified 
network device to extract the authorization identifier. 
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57. A computer-implemented method for providing selective access to a 
consumer information account, the method comprising the steps of: 

providing an interface whereby an owner of the consumer information account 
can specify the terms by which third parties can access the consumer information 
account; 

storing the terms for future use; 

associating the stored terms with one or more authorization tickets; and 
transmitting the authorization tickets to specified third parties; 

58. The method of claim 57, further comprising the steps of: 

receiving requests from the third parties for access to the consumer information 
account, each of the requests comprising an authorization ticket; 

in response to each of the requests, retrieving flie stored terms associated 
therewith; and 

granting the third parties access to the consumer information account in 
accordance with the stored terms associated with the thurd party's authorization ticket. 

59. The method of claim 57, wherein each of said autiiorization tickets is 
associated with a set of authorization parameters. 
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